vSphere with Tanzu you can turn vSphere clusters to a platform for running Kubernetes workloads in dedicated resource pools. Once enabled on vSphere clusters, vSphere with Tanzu creates a Kubernetes control plane directly in the hypervisor layer. You can then run Kubernetes containers by deploying vSphere Pods, or you can create upstream Kubernetes clusters through the VMware Tanzu™ Kubernetes Grid™ and run your applications inside these clusters.
What to read next
What Is vSphere with Tanzu? You can use vSphere with Tanzu to transform vSphere to a platform for running Kubernetes workloads natively on the hypervisor layer. When enabled on vSphere clusters, vSphere with Tanzu provides the capability to run Kubernetes workloads directly on ESXi hosts and to create upstream Kubernetes clusters within dedicated namespaces called vSphere Namespace.
What is a vSphere Namespace? A vSphere Namespace sets the resource boundaries where vSphere Pods, VMs, and Tanzu Kubernetes Grid clusters can run. As a vSphere administrator, you create and configure vSphere Namespaces through the vSphere Client.
vSphere with Tanzu User Roles and Workflows The vSphere with Tanzu platform involves two roles, the vSphere administrator and the DevOps engineer. The DevOps engineer is comprising the role of DevOps, application developer, and Kubernetes administrator. Both roles interact with the platform through different interfaces and can have users or user groups defined for them in vCenter Server with associated permissions. The workflows for the vSphere administrator and DevOps engineer roles are distinct and determined by the specific area of expertise these roles require.
How Does vSphere with Tanzu Change the vSphere Environment? A Supervisor adds objects to the vCenter Server inventory, such as namespaces, vSphere Pods, and Tanzu Kubernetes Grid clusters.
Licensing for vSphere with Tanzu Once you configure a vSphere cluster for vSphere with Tanzu and it becomes a Supervisor, you must assign the cluster a Tanzu edition license before the 60 day evaluation period expires.
vSphere with Tanzu Identity and Access Management As a vSphere administrator, you need privileges to activate and configure a Supervisor and to manage vSphere Namespaces. You define permissions on namespaces to determine which DevOps engineers and developers can access them. You can also configure the Supervisor with an external OpenID Connect (OIDC) provider to enable multi-factor authentication. As a DevOps engineer or developer, you authenticate with the Supervisor by using either your vCenter Single Sign-On credentials or credentials from an OIDC provider depending on what your vSphere administrator has configured for you on the Supervisor. You can access only the vSphere Namespaces for which you have permissions.
vSphere with Tanzu Security vSphere with Tanzu leverages vSphere security features and provisions Tanzu Kubernetes Grid clusters that are secure by default.